<?php
include('config.php');
session_start();
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    //echo "autorizzato " . $_SESSION['autorizzato'];

    $login = filter_var($_POST['login'], FILTER_SANITIZE_STRING);
    $password = filter_var($_POST['password'], FILTER_SANITIZE_STRING);

    $sql = "SELECT * FROM rama_booking.account where login ="
            . "'" . $login . "' and password = '" . $password . "'";
    //echo " ciao ";
    //echo $login . $password;
    //echo $sql;

    $result = mysql_query($sql);
    $row = mysql_fetch_array($result);
    $count = mysql_num_rows($result);
    if ($count == 1) {        
        $_SESSION['autorizzato'] = "si";
        $_SESSION['villa'] = $row['villa'];
        //echo $_SESSION['autorizzato'];
        //echo $_SESSION['villa'] ;
        //header("location: welcome.php");
        echo 1;
    } else {        
        $_SESSION['autorizzato'] = "no";
        //header("location: index.php");
        echo 0;
    }
}
?>
